[unisog] scanners for the lastest MS vulnerabilities?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Oct 20 22:34:51 GMT 2003


On Tue, 21 Oct 2003 11:03:30 +1300, Russell Fulton <r.fulton at auckland.ac.nz>  said:

> And does anyone have any thought on the difficulty or otherwise of
> deploying any of the latest vulnerabilities in a worm?

Russell - the problem is that you and I presumably have lives, but the black
hats often don't.  If nothing else, we have to file paperwork (insert Dilbert
cartoon of Dilbert having to file 4 hours of paperwork for a "here, it's done"
change ;)

Also, they only have to write one worm, whereas we have to patch a lot of
machines.  And they don't have to ask permission when debugging/testing,
whereas we do have to ask permission before patching.  And so on.

Bottom line - you should have started patching 2 weeks before the vulnerability
came out.  I'm told Mr Ballmer had comments recently about making this
easier... :)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20031020/d469e98d/attachment-0003.bin


More information about the unisog mailing list